Page MenuHomeFreeBSD
Differential D42000

security/clevis: NEW PORT a pluggable framework for automated decryption
AbandonedPublic
Actions

Authored by dch on Sep 27 2023, 3:25 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sun, Jan 4, 11:18 PM
Unknown Object (File)
Sun, Dec 28, 1:27 PM
Unknown Object (File)
Dec 8 2025, 5:44 PM
Unknown Object (File)
Nov 20 2025, 8:42 AM
Unknown Object (File)
Nov 20 2025, 8:42 AM
Unknown Object (File)
Nov 20 2025, 7:19 AM
Unknown Object (File)
Nov 13 2025, 3:22 PM
Unknown Object (File)
Nov 13 2025, 11:20 AM
View All 62 Files
Subscribers
mat

Details

Reviewers
None
Summary

Using security/tang as an example, it is possible for clevis to retrieve
a previously encrypted secret from the stateless tang server, without
the server having any knowledge of the secret.

Plugins, called pins, can be nested and combined in various ways,
from network presence, to Shamir secret sharing, and TPM2 hardware.

WIP - requires changes upstream.

Diff Detail

Repository
rP FreeBSD ports repository
Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 53745
Build 50636: arc lint + arc unit

Revision Contents
Changeset List

PathSize
security/
1 line
clevis/
26 lines
3 lines
20 lines

Diff 127867

View Options

security/Makefile

Loading...
View Options

security/clevis/Makefile

Loading...
View Options

security/clevis/distinfo

Loading...
View Options

security/clevis/pkg-descr

Loading...